Skip to main content
POST
/
files
/
upload
上传文件
curl --request POST \
  --url https://{api_base_url}/files/upload \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: multipart/form-data' \
  --form file='@example-file' \
  --form 'user=<string>'
import requests

url = "https://{api_base_url}/files/upload"

files = { "file": ("example-file", open("example-file", "rb")) }
payload = { "user": "<string>" }
headers = {"Authorization": "Bearer <token>"}

response = requests.post(url, data=payload, files=files, headers=headers)

print(response.text)
const form = new FormData();
form.append('file', '<string>');
form.append('user', '<string>');

const options = {method: 'POST', headers: {Authorization: 'Bearer <token>'}};

options.body = form;

fetch('https://{api_base_url}/files/upload', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://{api_base_url}/files/upload",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n<string>\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"user\"\r\n\r\n<string>\r\n-----011000010111000001101001--",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: multipart/form-data"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://{api_base_url}/files/upload"

payload := strings.NewReader("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n<string>\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"user\"\r\n\r\n<string>\r\n-----011000010111000001101001--")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Bearer <token>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://{api_base_url}/files/upload")
.header("Authorization", "Bearer <token>")
.body("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n<string>\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"user\"\r\n\r\n<string>\r\n-----011000010111000001101001--")
.asString();
require 'uri'
require 'net/http'

url = URI("https://{api_base_url}/files/upload")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request.body = "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"file\"; filename=\"example-file\"\r\nContent-Type: application/octet-stream\r\n\r\n<string>\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"user\"\r\n\r\n<string>\r\n-----011000010111000001101001--"

response = http.request(request)
puts response.read_body
{
  "id": "a1b2c3d4-5678-90ab-cdef-1234567890ab",
  "name": "product-photo.png",
  "size": 204800,
  "extension": "png",
  "mime_type": "image/png",
  "created_by": "f1e2d3c4-b5a6-7890-abcd-ef1234567890",
  "created_at": 1705407629,
  "preview_url": null,
  "source_url": "https://upload.dify.ai/files/a1b2c3d4-5678-90ab-cdef-1234567890ab/file-preview?timestamp=1705407629&nonce=8b3e26a5&sign=rN5DXW3xkVGwGE5MSvptu_BhQVXpMbXWmVJ0ib0LMzI=",
  "original_url": null,
  "user_id": null,
  "tenant_id": "11223344-5566-7788-99aa-bbccddeeff00",
  "conversation_id": null,
  "file_key": null
}

Authorizations

Authorization
string
header
required

API Key 认证。对于所有 API 请求,请在 Authorization HTTP 头中包含您的 API Key,并加上 Bearer 前缀。示例:Authorization: Bearer {API_KEY}强烈建议将 API Key 存储在服务端,不要在客户端共享或存储,以避免 API Key 泄漏导致严重后果。缺少或无效的 API Key 会返回 HTTP 401,错误码为 unauthorized

Body

multipart/form-data

文件上传请求。需要 multipart/form-data 格式。

file
file
required

要上传的文件。支持的类型包括图片、文档、音频和视频。

user
string

用户标识符,由开发者定义的规则生成,必须在应用内唯一。Service API 与 WebApp 的用户 ID 相互独立,即使取值相同也不指向同一用户。省略时,上传会归属到共享的 DEFAULT-USER 终端用户;后续请求只有携带与上传时相同的 user 值才能使用该文件。

Response

文件上传成功。

id
string<uuid>

唯一文件 ID。

name
string

文件名。

size
integer

文件大小(字节)。

extension
string | null

文件扩展名。

mime_type
string | null

文件的 MIME 类型。

created_by
string<uuid> | null

上传文件的用户 ID。

created_at
integer<int64>

上传时间戳(Unix 纪元秒)。

preview_url
string | null

文件的预览 URL。

source_url
string

文件的签名下载 URL。

original_url
string | null

文件的原始 URL。

user_id
string<uuid> | null

未使用,始终为 null

tenant_id
string<uuid> | null

关联的租户 ID。

conversation_id
string<uuid> | null

关联的会话 ID。

file_key
string | null

未使用,始终为 null

Last modified on July 9, 2026